CVE-2026-7621

The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...

CVE-2026-7621

The SMTP2GO for WordPress – Email Made Easy plugin (WordPress) is vulnerable in all versions up to 1.16.0 due to improper authorization checks. Authenticated users with subscriber-level access or higher can truncate SMTP log records or export sensitive log data (recipient/sender addresses, subjec...

CVE-2026-7621 SMTP2GO for WordPress <= 1.16.0 - Missing Authorization to Authenticated (Subscriber+) Log Read/Truncate

The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...

WordPress plugin SMTP2GO for WordPress – Email Made Easy 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

WordPress SMTP2GO for WordPress – Email Made Easy plugin <= 1.16.0 - Missing Authorization to Authenticated (Subscriber+) Log Read/Truncate vulnerability

Missing Authorization to Authenticated Subscriber+ Log Read/Truncate vulnerability discovered by darkmode in WordPress Plugin SMTP2GO versions = 1.16.0...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the NewNTUnicodeString function. An attacker can cause a truncated string rather than an error to be returned by convincing a user to access a filename of excessive length. Remediation Upgrade...

RUSTSEC-2026-0149 WASI path_open(TRUNCATE) bypasses `FilePerms::WRITE` host restriction

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-2r75-cxrj-cmph For more information see the GitHub-hosted security advisory...

Astra Linux - уязвимость в python-django

In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the chars and words methods from django.utils.text.Truncator when used with html=True are susceptible to a potential DoS denial of service attack due to certain inputs containing very long, potentially malformed HTML text. The...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Do not hold the nilock lock when calling truncatesetsize. syzbot reports a hung task during the call to douseraddrfault 1. There is a silent deadlock between the PGlocked bit and the nilock lock. Since the...

CVE-2026-44597

A flaw was found in Tor. A remote attacker can exploit an out-of-bounds read vulnerability when an END, TRUNCATE, or TRUNCATED cell lacks a reason in its payload. This can lead to a denial of service, making the Tor service unavailable...

SUSE CVE-2026-44597

Tor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE, or a TRUNCATED cell lacks a reason in its payload, aka TROVE-2026-011...

Django: Django: Denial of Service via crafted HTML inputs

A flaw was found in Django. A remote attacker can exploit this vulnerability by providing crafted inputs containing a large number of unmatched HTML end tags to the django.utils.text.Truncator.chars and Truncator.words methods when html=True, or through the truncatecharshtml and truncatewordshtml...

DEBIAN-CVE-2026-44597

Tor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE, or a TRUNCATED cell lacks a reason in its payload, aka TROVE-2026-011...

CVE-2026-44597

Tor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE, or a TRUNCATED cell lacks a reason in its payload, aka TROVE-2026-011...

CVE-2026-44597

Tor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE, or a TRUNCATED cell lacks a reason in its payload, aka TROVE-2026-011...

CVE-2026-44597

CVE-2026-44597 affects Tor before 0.4.9.7. The issue is an out-of-bounds read when END, TRUNCATE, or a TRUNCATED cell lacks a reason in its payload (TROVE-2026-011). Impact as per sources includes high confidentiality and availability risks (CVSS). Exploitation details are not provided in the doc...

EUVD-2026-28231

Tor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE, or a TRUNCATED cell lacks a reason in its payload, aka TROVE-2026-011...

CVE-2026-44597

Tor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE, or a TRUNCATED cell lacks a reason in its payload, aka TROVE-2026-011...

Tor 安全漏洞

Tor is a virtual tunnel network operated by the Tor Project organization. It allows individuals and groups to enhance their privacy and security on the Internet. Versions of Tor prior to 0.4.9.7 contained a security vulnerability, which stemmed from the possibility of out-of-bounds reads when the...

CVE-2026-44597

Tor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE, or a TRUNCATED cell lacks a reason in its payload, aka TROVE-2026-011...